API and MP-CLuster Certificate expired. Unable to upgrade NSX.
search cancel

API and MP-CLuster Certificate expired. Unable to upgrade NSX.

book

Article ID: 411604

calendar_today

Updated On:

Products

VMware NSX

Issue/Introduction

  • Pre-checks run on NSX managers show errors for expired certificates.
  • NSX manager and cluster API certificates show expired in NSX UI settings.
  • The following error in logs:
    • NSX 2099905 - [nsx@6876 comp="nsx-esx" subcomp="nsx-proxy" s2comp="nsx-net" tid="2099950" level="ERROR" errorCode="NET1111"] Certificate validation failed: 10-certificate has expired

Environment

VMware NSX 4.x

Cause

API certificates for NSX managers and the cluster are required to be valid prior to running NSX upgrades.

Resolution

Run the provided script in KB: Using Certificate Analyzer, Results and Recovery (CARR) Script to fix certificate related issues in NSX to resolve certificate management issues.

Powered by Wolken Software